ÂÜÀòÊÓƵ

Americas

Middle East and Africa

Europe

Asia Pacific

ÂÜÀòÊÓƵ Drupal Menu - Mobile

ÂÜÀòÊÓƵ Technologies, Inc. Processor Privacy Statement

ÂÜÀòÊÓƵ Processor Privacy Statement

Last Updated: March 1st, 2018

– –

This privacy statement provides an overview of how ÂÜÀòÊÓƵ Technologies, Inc. and its related corporate affiliates collect, use, store and otherwise process information about you, as well as your choices, as you use ÂÜÀòÊÓƵ business applications like ÂÜÀòÊÓƵ Travel, Expense, or Invoice ("ÂÜÀòÊÓƵ Services") for which your company, institution or other providing entity ("Company") has subscribed. This privacy statement does not cover the use of data by ÂÜÀòÊÓƵ outside of the ÂÜÀòÊÓƵ Services. See ÂÜÀòÊÓƵ's Privacy Policy at /en-us/privacy-policy concerning information collected for sales and marketing purposes and ÂÜÀòÊÓƵ's public-facing corporate and marketing websites.

Your Company may have subscribed to the ÂÜÀòÊÓƵ Services either directly with ÂÜÀòÊÓƵ or indirectly via an authorized reseller of the ÂÜÀòÊÓƵ Services. This privacy statement does not change any terms of a business agreement with your Company or between your Company and a reseller, as applicable, but is simply intended to provide additional information to you regarding the ÂÜÀòÊÓƵ Services. Your Company is regarded as a data controller within the meaning of applicable data protection laws, and ÂÜÀòÊÓƵ's processing of such data for the ÂÜÀòÊÓƵ Services is under the direction of your Company, directly or indirectly as applicable. You should direct any questions about how data about you is used as part of the ÂÜÀòÊÓƵ Services to your Company.

PERSONAL DATA COLLECTED

"Personal Data" means any information relating to you that is entered by or on behalf of your Company or its authorized users of the ÂÜÀòÊÓƵ Services into or derived from their use of the ÂÜÀòÊÓƵ Services. It also includes personal data supplied to or accessed by or on behalf of ÂÜÀòÊÓƵ to provide support for ÂÜÀòÊÓƵ Services. Not all of your Company's data within the ÂÜÀòÊÓƵ Services is Personal Data. As a general matter, Personal Data in the ÂÜÀòÊÓƵ Services includes the following categories of data:

  • Personal profile data, such as name, contact information, travel preferences, financial information and account numbers for related connected services
  • Organizational information, such as employee identification, payroll, cost center, associated approvers information
  • Expense and travel related data, such as expense information, including images of receipts, and travel itineraries
  • Mobile data, such as mobile device information and, when enabled, location data
  • Data for associated connected services to support travel needs, such as account, loyalty program or rewards numbers for taxi or rental cars, airlines or hotels

The categories of information about you collected or derived within the ÂÜÀòÊÓƵ Services depends, in part, on the ÂÜÀòÊÓƵ Services to which your Company has subscribed and how the ÂÜÀòÊÓƵ Services are configured for your Company.

You provide Personal Data directly when you enter it in ÂÜÀòÊÓƵ Services. In some cases, another user, such as an account administrator, may create an account on your behalf or may provide Personal Data as part of your use of the ÂÜÀòÊÓƵ Services at the direction or with permission of your Company.

ÂÜÀòÊÓƵ Services may obtain Personal Data from other sources, as well, such as back office financial or human resources systems, or from travel agents and travel management companies that work with your Company. ÂÜÀòÊÓƵ Services also connect to third party partners and suppliers like airlines, hotel chains, restaurant chains or ride-sharing services. Each of these connected services may enable Personal Data about you to be transferred into the ÂÜÀòÊÓƵ Services. Generally, these connections are controlled by your Company. But, as described below, you can enable the connection of the ÂÜÀòÊÓƵ Services with certain other ÂÜÀòÊÓƵ or third party services you select that result in the collection of additional sources of Personal Data.

When you use the ÂÜÀòÊÓƵ Services, some information like IP address, device or browser information, logs or clickstream information, for example, is automatically collected about your usage and activity on the ÂÜÀòÊÓƵ Service to address technical support issues and understand how you use the ÂÜÀòÊÓƵ Services. ÂÜÀòÊÓƵ may use certain tracking technologies such as cookies, web beacons, or third party analytics tools to obtain such information.

HOW PERSONAL DATA IS USED

ÂÜÀòÊÓƵ will use Personal Data within the scope of the ÂÜÀòÊÓƵ Services for the following:

  • Providing, operating, hosting, maintaining, connecting, and improving the ÂÜÀòÊÓƵ Services, and enabling you to access, use and connect the ÂÜÀòÊÓƵ Services
  • Processing and completing transactions within the ÂÜÀòÊÓƵ Services, such as creating and submitting expense reports, or booking corporate travel
  • Providing customer service and support, providing you with transactional communications, such as submission or booking confirmations, providing technical notices, updates, security alerts and support and administrative messages
  • Providing you with information and support for related ÂÜÀòÊÓƵ Services available to you under your Company's agreement
  • Understanding how the ÂÜÀòÊÓƵ Services are being configured and used, how the ÂÜÀòÊÓƵ Services and the user experience can be improved for the benefit of all users, and to develop new products and services
  • Investigating and preventing fraudulent transactions, unauthorized access or other security incidents, and other illegal activities

If your Company has subscribed for certain ÂÜÀòÊÓƵ Services that enable your Company to identify and confirm the location of some or all of their users and communicate with them during events such as natural disasters, attacks, or other risk events, then these ÂÜÀòÊÓƵ Services use location information from your profile and travel itineraries in the ÂÜÀòÊÓƵ Services or from the check-in location you provide directly through your mobile device, and they may also attempt to determine location from e-receipts or other partner or vendor services that you have connected to the ÂÜÀòÊÓƵ Services.

CHOICES YOU HAVE REGARDING PERSONAL DATA

Certain parts of the ÂÜÀòÊÓƵ Services permit you to make choices about what information is collected about you, how it is used, and with what third parties it is shared. As you use the ÂÜÀòÊÓƵ Services you will encounter choices, such as whether to enable e-receipts, enroll in My Travel Network , or connect with partner services you already use in the App Center. These features of the ÂÜÀòÊÓƵ Services can be enabled through settings in your ÂÜÀòÊÓƵ Services profile or through the ÂÜÀòÊÓƵ App Center. You can find out more about the Personal Data used and shared through these tools when you are presented the option to connect.

ÂÜÀòÊÓƵ mobile applications also enable you to make choices about Personal Data related to your location. If subscribed to by your Company, ÂÜÀòÊÓƵ's mobile applications features like Drive or ExpenseIt, for example, may base your location on the use of location services through your mobile device, which you may enable or disable through the mobile application itself along with the privacy settings in your mobile device.

You also have choices regarding some of the technologies used to track your use of the ÂÜÀòÊÓƵ Services, including cookies or Google Analytics. You may refuse the use of cookies by selecting the appropriate settings in your browser or through any other mechanisms provided. Note that the settings are limited to the particular browser installed on a particular device and that, as a consequence, if you use ÂÜÀòÊÓƵ Services with different browsers or different devices, including a mobile device, you may have to disable the tracking cookies in the browsers of all relevant devices. It may not always be possible to disable cookies in ÂÜÀòÊÓƵ mobile applications. Disabling cookies means that you may not be able to use the full functionality of the relevant site. Google Analytics may be used to compile reports on site activity and to help ÂÜÀòÊÓƵ improve the usability and functionality of the ÂÜÀòÊÓƵ Services. Information about Google's use of data collected is available at . Google provides a Google Analytics Opt-out Browser Add-on available here: .

You can also choose to connect the ÂÜÀòÊÓƵ Services with other ÂÜÀòÊÓƵ products you have subscribed for individually. ÂÜÀòÊÓƵ applications such as TripIt are available to you as an individual, and if you have subscribed and set up your own personal account with one or more of these applications, you may be able to connect these personal services with your ÂÜÀòÊÓƵ Services user account.

HOW PERSONAL DATA IS SHARED

ÂÜÀòÊÓƵ may share Personal Data with its global corporate affiliates and their agents and integrated service providers that cooperate to provide the ÂÜÀòÊÓƵ Services throughout the world to the extent necessary to provide the ÂÜÀòÊÓƵ Services.

Personal Data about you in the ÂÜÀòÊÓƵ Services is available to your Company and those other users, persons or third parties to which your Company chooses to provide access. Your Company may direct ÂÜÀòÊÓƵ to make information including Personal Data available to third parties through ÂÜÀòÊÓƵ APIs. As permitted under our agreement for the ÂÜÀòÊÓƵ Services, ÂÜÀòÊÓƵ may also share Personal Data with business partners, service vendors, authorized third-party agents or contractors in order to provide the ÂÜÀòÊÓƵ Services, including processing transactions, website hosting, customer or technical support, or analytics.

ÂÜÀòÊÓƵ does not sell or rent your Personal Data to third parties for marketing purposes unless you have separately granted us permission to do so. For more information on any use of your Personal Data for marketing purposes, please refer to our ÂÜÀòÊÓƵ Privacy Policy at /en-us/privacy-policy.

As described above, you may choose to link the ÂÜÀòÊÓƵ Services to certain third party sites or services and authorize access, such as through the ÂÜÀòÊÓƵ App Center, enrolling in My Travel Network, or connecting to personal applications like TripIt. When connected with TripIt, travel itineraries will be automatically synced between your accounts. This can include personal trips contained in TripIt unless you exclude such trips.

ÂÜÀòÊÓƵ may share Personal Data to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of agreements, respond to legal orders or process, or as otherwise required by law, as permitted under our agreement for ÂÜÀòÊÓƵ Services.

HOW PERSONAL DATA MAY BE TRANSFERRED TO THE UNITED STATES

ÂÜÀòÊÓƵ operates ÂÜÀòÊÓƵ Services from data centers in multiple locations globally, including in the United States. Using the ÂÜÀòÊÓƵ Services may result in the transfer, use, processing, or storage of Personal Data in the United States or any other country where ÂÜÀòÊÓƵ operates or maintains facilities or service centers, including jurisdictions that may not have data privacy laws that provide protections equivalent to those provided in your home country. ÂÜÀòÊÓƵ takes steps designed to ensure that the Personal Data is processed according to the provisions of our agreements, including any data processing agreements, as well as intercompany data processing agreements among corporate affiliates, and applicable law wherever the data is located.

RIGHTS FOR CERTAIN USERS

ÂÜÀòÊÓƵ adheres to applicable data protection laws in the European Economic Area, which, if applicable to you, include the following rights:

  • Where processing of Personal Data is based on your consent, you have a right to withdraw consent at any time for future processing
  • You have a right to request access to, rectification, or erasure of your Personal Data, or to transfer or receive a copy of your Personal Data in a usable format
  • You have a right to object to the processing of your Personal Data under certain circumstances
  • You have a right to lodge a complaint with an applicable data protection authority

You must contact your Company if you have questions or seek to exercise any of these rights.

SECURITY AND RETENTION OF PERSONAL DATA

ÂÜÀòÊÓƵ uses appropriate standard security technology and organizational measures to protect Personal Data from unauthorized disclosure and will retain Personal Data in active databases for varying lengths of time depending upon the specific ÂÜÀòÊÓƵ Services, type of data, and applicable law and instructions of the data controller.

UPDATES AND QUESTIONS

If ÂÜÀòÊÓƵ changes this privacy statement, ÂÜÀòÊÓƵ will post those changes and change the "last updated" date above. ÂÜÀòÊÓƵ may do this at any time without notice. If you have questions or concerns regarding this privacy statement, you must first contact your Company. If you do not receive acknowledgment of your inquiry, you may direct your inquiry to ÂÜÀòÊÓƵ's privacy coordinator at privacy-request@concur.com or to your local data protection authority.

***